[Deps] Safe dependency updates (2026-04-21)

[github-actions]

Automated Safe Dependency Updates

This PR contains safe minor/patch-level dependency updates that have been verified to:

• ✅ Pass all tests (3 pre-existing failures unrelated to these changes)
• ✅ Have no breaking changes
• ✅ No security vulnerabilities introduced

Updated Dependencies

Package	Previous	Updated	Type
@typescript-eslint/eslint-plugin	8.58.2	8.59.0	minor
@typescript-eslint/parser	8.58.2	8.59.0	minor
typescript-eslint	8.58.2	8.59.0	minor
markdownlint-cli2	0.21.0	0.22.0	minor

Security Status

• npm audit reports 0 vulnerabilities across all 649 dependencies
• No Dependabot alerts found

Verification

• All tests pass (1611/1614 — 3 pre-existing failures in /var/tmp permission tests unrelated to this change)
• No breaking changes detected
• package-lock.json updated

Notes

Only package-lock.json is updated. package.json ranges already cover these versions. Other outdated packages (chalk, commander, execa, esbuild) have major version bumps with potential breaking changes and are excluded from this automated update.

---

Generated by Dependency Security Monitor Workflow

---

Warning

Protected Files

This was originally intended as a pull request, but the patch modifies protected files. These files may affect project dependencies, CI/CD pipelines, or agent behaviour. Please review the changes carefully before creating the pull request.

Click here to create the pull request once you have reviewed the changes

Protected files

• package-lock.json

To route changes like this to a review issue instead of blocking, configure protected-files: fallback-to-issue in your workflow configuration.

Generated by Dependency Security Monitor · ● 390K · ◷